Vuldb Updates

A vulnerability has been found in Fortinet FortiAnalyzer up to 7.0.13/7.2.10/7.4.6/7.6.2 and classified as problematic. Impacted is an unknown function of the component FortiCloud SSO. The manipulation leads to race condition. This vulnerability is traded as CVE-2025-54973. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability categorized as problematic has been discovered in Fortinet FortiAnalyzer up to 6.4.15/7.0.14/7.2.11/7.4.6/7.6.3. Affected is an unknown function of the component OFTP Request Handler. Executing manipulation can lead to information disclosure. The identification of this vulnerability is CVE-2025-53845. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in NVIDIA GeForce, RTX, Quadro, NVS, Tesla and Guest driver on Linux. It has been declared as critical. This affects an unknown part. Such manipulation leads to use after free. This vulnerability is documented as CVE-2025-23280. The attack needs to be performed locally. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Giflib Project 5.2.2 and classified as critical. Affected by this issue is the function gif2rgb. Executing manipulation can lead to heap-based buffer overflow. The identification of this vulnerability is CVE-2024-45993. The attack needs to be done within the local network. There is no exploit available.

A vulnerability labeled as critical has been found in Veritas Data Insight up to 7.1.0. Affected by this issue is some unknown functionality. Such manipulation leads to sql injection. This vulnerability is documented as CVE-2024-46542. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.12.8. It has been classified as problematic. Affected is the function cfg80211_cac_event. This manipulation causes privilege escalation. This vulnerability is handled as CVE-2024-57898. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.6.69/6.12.8. It has been classified as problematic. The impacted element is the function or_each_set_bit of the component mac80211. The manipulation leads to insufficient verification of data authenticity. This vulnerability is uniquely identified as CVE-2024-57899. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Proactive Risk Manager 9.1.1.0. Affected by this issue is some unknown functionality of the file /ar/config/configuation/. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2024-48569. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability identified as critical has been detected in pihome-shc PiHome 1.77. Affected by this issue is some unknown functionality of the file /ajax.php?Ajax=GetModal_MQTTEdit. This manipulation of the argument ID causes sql injection. This vulnerability is tracked as CVE-2025-1184. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in Diebold Nixdorf Vynamic Security Suite up to 3.3.0 SR11/4.0.0 SR03/4.1.0 SR01/4.2.0 and classified as critical. This affects an unknown part. Executing manipulation can lead to improper authorization. This vulnerability is tracked as CVE-2023-24062. The physical device can be targeted for the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Diebold Nixdorf Vynamic Security Suite up to 3.3.0 SR3. It has been declared as critical. This issue affects some unknown processing of the file /etc/initab of the component Pre-Boot Authorization. The manipulation results in improper authorization. This vulnerability is cataloged as CVE-2023-24064. An attack on the physical device is feasible. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Connectize AC21000 G6 641.139.1.1256. Impacted is an unknown function. The manipulation results in weak password recovery. This vulnerability is cataloged as CVE-2023-24052. The attack must originate from the local network. There is no exploit available.

A vulnerability described as critical has been identified in Haven. This affects an unknown part of the component Feed Handler. Such manipulation leads to server-side request forgery. This vulnerability is listed as CVE-2023-24060. The attack must be carried out from within the local network. In addition, an exploit is available.

A vulnerability was found in SGI IRIX up to 6.5.6. It has been declared as problematic. This issue affects some unknown processing of the component Performance Copilot. Executing manipulation can lead to information disclosure. This vulnerability appears as CVE-2000-0283. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in CNC Technology BizDB 1.0. It has been rated as critical. Impacted is an unknown function of the file bizdb-search.cgi. The manipulation of the argument dbname leads to improper privilege management. This vulnerability is traded as CVE-2000-0287. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical was found in University of Washington imapd 4.7. Affected by this issue is some unknown functionality of the component LIST Command Handler. The manipulation results in memory corruption. This vulnerability is identified as CVE-2000-0284. The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in Linux Kernel 2.2.10/2.2.12/2.2.14. Affected by this vulnerability is an unknown functionality of the component IP Masquerading Handler. Performing manipulation as part of UDP Packet results in improper privilege management. This vulnerability is identified as CVE-2000-0289. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in OneOrZero AIMS 2.6.0. This impacts an unknown function of the file index.php. Executing manipulation of the argument controller can lead to path traversal. The identification of this vulnerability is CVE-2010-4835. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability identified as critical has been detected in Insanevisions OneCMS 2.5. Affected is an unknown function of the file index.php. This manipulation of the argument User causes sql injection. This vulnerability is tracked as CVE-2010-0952. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as problematic was found in Dietrich Ayala NuSOAP 0.9.5. The affected element is an unknown function. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2010-3070. The attack can be launched remotely. Moreover, an exploit is present.